Problem adding member server

imapi · August 14, 2015, 7:13am

Just made a clean UCS install as a PDC, i could connect one windows 7 computer. Now i wanted to make separate UCS server as a fileserver and as documentation suggest it is wise to make it as a “member server”. Installation goes fine until setup hangs on “Domain setup ( this might take a while) - Preparing Domain Join”. Is there a way I can see logfiles somewhere what causes this hangup? From the PDC i can see that the new computer has appeared on the Devices / Computers section

Moritz_Bunkus · August 14, 2015, 8:06am

Hey,

I’m not sure whether or not you can get more details from the installer, but you can also join the server to the domain after the installation has completed and the server has been rebooted. No need to remove the already-existing entry from the domain either, it’ll be re-used/overwritten.

For such a manual join you’ll have to log in as root and execute »univention-join«. That should print out a lot of lines of hook scripts the task is executing.

Additionally you can find information about the join process in the log file /var/log/univention/join.log.

imapi · August 14, 2015, 8:50am

I guess I found the problem:

root@zeus:~# univention-join
univention-join: joins a computer to an ucs domain
copyright © 2001-2015 Univention GmbH, Germany

Enter DC Master Account : Administrator
Enter DC Master Password:

Search DC Master: done
Check DC Master: done
Stop LDAP Server: done
Search ldap/base done
Start LDAP Server: done
Search LDAP binddn done
Sync time: done
Join Computer Account: done
Sync ldap.secret: done
Sync ldap-backup.secret: done
Sync SSL directory: done
Check TLS connection: done
Download host certificate: …

Moritz_Bunkus · August 14, 2015, 9:34am

Can you please post the content of the join.log?

imapi · August 14, 2015, 9:58am

Well, i can not do that because I allready destroyed the vm -s. But I have a pretty good guess where the problem is. I reinstalled all servers and test workstation and the second time joining the domain worked:

Enter DC Master Account : Administrator
Enter DC Master Password:

Search DC Master: done
Check DC Master: done
Stop LDAP Server: done
Search ldap/base done
Start LDAP Server: done
Search LDAP binddn done
Sync time: done
Join Computer Account: done
Sync ldap.secret: done
Sync ldap-backup.secret: done
Sync SSL directory: done
Check TLS connection: done
Download host certificate: done
Sync SSL settings: done
Restart LDAP Server: done

i guess the problem was that I changed / regenerated the root certificate last time